ModSecurity

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and if it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the traffic than any server does, so you will manage to keep an eye on what is happening with your websites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it identifies if someone is trying to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the software blocks the attempts right away, after that records comprehensive info about them inside its logs. ModSecurity is amongst the best software firewalls on the market and it could easily protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity can be found with each hosting package that we provide and it is activated by default for every domain or subdomain that you include via your Hepsia CP. In case it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You may also enable a passive mode, so the firewall will recognize potential attacks and keep a log, but shall not take any action. You could see detailed logs in the same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your sites with our company, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains you add using your hosting CP. If needed, you can disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall shall still operate and record info, but won't do anything to prevent potential attacks on your sites. Detailed logs will be readily available in your CP and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We employ two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our admins sometimes include to respond to newly identified threats on time.

ModSecurity is provided with all Hepsia-based virtual private servers we offer and it'll be switched on automatically for every new domain or subdomain that you add on the server. In this way, any web application you install shall be protected right from the start without doing anything by hand on your end. The firewall can be managed through the section of the Control Panel that bears the same name. This is the place whereyou'll be able to disable ModSecurity or let its passive mode, so it shall not take any action towards threats, but shall still maintain a thorough log. The recorded data is available inside the same section as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones which we obtain from a security organization and custom ones that are added by our admins to maximize the security of any web applications hosted on our end.

When you choose to host your websites on a dedicated server with the Hepsia CP, your web applications shall be protected immediately since ModSecurity is available with all Hepsia-based plans. You'll be able to control the firewall without difficulty and if necessary, you'll be able to turn it off or enable its passive mode when it shall only maintain a log of what's going on without taking any action to stop potential attacks. The logs which you can find in the same section of the CP are really detailed and include information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This information shall allow you to take measures and boost the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators add whenever they detect attacks that haven't yet been included in the commercial pack.